Android's Factory Reset May Not Be What You Expect

The security outfit Avast has written up a breathless advertorial claiming that selling an old Android phone exposes all your personal data—even after a factory reset. The company bought 20 used phones off eBay that the sellers thought had been wiped out, but by using forensics techniques, Avast was able to recover the previous owner's data. The melodramatic descriptions of the leftover data includes "family photos of children," "photos of women in various stages of undress," and "selfies of what appear to be the previous owner’s manhood," along with the usual texts and e-mails. Like all Anti-virus company bulletins, the recommended solution is to install the company's product, in this case the freemium "Avast! Anti-Theft" app.

While the tone is definitely over-the-top, the issue raised is legitimate. It's something that affects most computers: there is a big difference between "deletion" and "secure erase." Deleting something—either a single file or a whole partition—usually involves changing an index that points to the thing, rather than deleting the thing itself. Since only the pointer to the bits is changed, and not the actual bits, recovery software can reconstruct the contents of the "deleted" information. While you could make every deletion or partition wipe physically erase the bits, this is usually a waste of time, and, on flash memory, it would reduce the life of the device.

No comments:

Post a Comment